Medium Severity

Security Bulletin: A vulnerability in Jackson Databind affects IBM Operations Analytics Predictive Insights (CVE-2020-8840)

Share this post:

Jackson Databind is used by IBM Operations Analytics Predictive Insights. IBM Operations Analytics Predictive Insights has addressed the applicable CVE. Note that the usage of Jackson Databind within IBM Operations Analytics Predictive Insights is limited to the REST Mediation utility. If you do not have this utility installed you are not affected by this bulletin, otherwise apply the recommended remediation fixes.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Operations Analytics Predictive Insights 1.3.6

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6250409

More stories

Security Bulletin: WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2021-20492)

Jun 19, 2021 8:00 pm EDT | Medium Severity

WebSphere Application Server Java Batch is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed. ...read more


Security Bulletin: IBM Security Identity Manager Virtual Appliance deprecated Self Service UI contains Struts V1 (CVE-2016-1182)

Jun 17, 2021 8:00 pm EDT | Medium Severity

IBM Security Identity Manager Virtual Appliance made code changes to remove the deprecated function and its associated Struts V1 code library. ...read more


Security Bulletin: IBM Security Identity Manager deprecated Self Service UI contains Struts V1 (CVE-2016-1182)

Jun 17, 2021 8:00 pm EDT | Medium Severity

IBM Security Identity Manager made code changes to remove the deprecated function and its related Struts V1 code library. ...read more